diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
new file mode 100644
index 0000000..62a71e3
--- /dev/null
+++ b/.github/CODEOWNERS
@@ -0,0 +1,2 @@
+# These owners will be the default owners for everything in the repo. Unless a later match takes precedence, @bmarshall511, as primary maintainer will be requested for review when someone opens a Pull Request.
+* @bmarshall511
diff --git a/.github/ISSUE_TEMPLATE/1-bug-report.yml b/.github/ISSUE_TEMPLATE/1-bug-report.yml
new file mode 100644
index 0000000..4109451
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/1-bug-report.yml
@@ -0,0 +1,70 @@
+name: "\U0001F41B Bug report"
+description: "Report a bug with this project."
+labels: "type:bug"
+body:
+ - type: markdown
+ attributes:
+ value: |
+ Thanks for taking the time to fill out this bug report! Please fill in as much of the template below as you can.
+ - type: textarea
+ attributes:
+ label: Describe the bug
+ description: Please write a clear and concise description of the bug, including what you expect to happen and what is currently happening.
+ placeholder: |
+ Feature '...' is not working properly. I expect '...' to happen, but '...' happens instead
+ validations:
+ required: true
+
+ - type: textarea
+ attributes:
+ label: Steps to Reproduce
+ description: Please write the steps needed to reproduce the bug.
+ placeholder: |
+ 1. Go to '...'
+ 2. Click on '...'
+ 3. Scroll down to '...'
+ 4. See error
+ validations:
+ required: true
+
+ - type: textarea
+ attributes:
+ label: Screenshots, screen recording, code snippet
+ description: |
+ If possible, please upload a screenshot or screen recording which demonstrates the bug. You can use LIEcap to create a GIF screen recording: https://www.cockos.com/licecap/
+ Tip: You can attach images or log files by clicking this area to highlight it and then dragging files in.
+ For small snippets paste it directly here, or you can use GitHub Gist to share multiple code files: https://gist.github.com
+ Please ensure the shared code can be used by a developer to reproduce the issue—ideally it can be copied into a local development environment or executed in a browser console to help debug the issue
+ validations:
+ required: false
+
+ - type: textarea
+ attributes:
+ label: Environment information
+ placeholder: |
+ - Device:
+ - OS:
+ - Browser and version:
+ validations:
+ required: false
+
+ - type: textarea
+ attributes:
+ label: WordPress information
+ placeholder: |
+
+
+ Site Health info:
+
+ 
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..dd091f1
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,48 @@
+# Security Policy
+
+## Supported Versions
+
+The following versions of this project are currently being supported with security updates.
+
+| Version | Supported |
+| ------- | ------------------ |
+| 5.5.1 | :white_check_mark: |
+| <5.5.1 | :x: |
+
+## Reporting a Vulnerability
+
+To report a security issue please email details to info@highfivery.com with a descriptive subject line. This account is monitored by a small team within Highfivery. In addition, please include the following information along with your report:
+
+- Your name and affiliation (if any).
+- A description of the technical details of the vulnerability. It is very important to let us know how we can reproduce your findings.
+- An explanation who can exploit this vulnerability, and what they gain when doing so -- write an attack scenario. This will help us evaluate your report quickly, especially if the issue is complex.
+- Whether this vulnerability is public or known to third parties. If it is, please provide details.
+
+If you believe that an existing (public) issue is security-related, please send an email to info@highfivery.com. The email should include the issue ID and a short description of why it should be handled according to this security policy.
+
+## Responding to Vulnerability Reports
+
+Highfivery takes security bugs seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.
+
+Your email will be acknowledged within ONE business day, and you will receive a more detailed response to your email within SEVEN days indicating the next steps in handling your report. After the initial reply to your report, Highfivery will keep you informed of the progress being made towards a fix and announcement. If your vulnerability report is accepted, then we will work with you on a fix and follow the process noted below on [disclosing vulnerabilities](#disclosing-a-vulnerability). If your vulnerability report is declined, then we will provide you with a reasoning as to why we came to that conclusion.
+
+## Disclosing a Vulnerability
+
+Once an issue is reported, Highfivery uses the following disclosure process:
+
+- When a report is received, we confirm the issue and determine its severity.
+- If we know of specific third-party services or software that require mitigation before publication, those projects will be notified.
+- An advisory is prepared (but not published) which details the problem and steps for mitigation.
+- Wherever possible, fixes are prepared for the last minor release of the two latest major releases, as well as the trunk branch. We will attempt to commit these fixes as soon as possible, and as close together as possible.
+- Patch releases are published for all fixed released versions and the advisory is published.
+- Release notes and our CHANGELOG.md will include a `Security` section with a link to the advisory.
+
+We credit reporters for identifying vulnerabilities, although we will keep your name confidential if you request it.
+
+## Known Vulnerabilities
+
+Past security advisories, if any, are listed below.
+
+| Advisory Number | Type | Versions affected | Reported by | Additional Information |
+|-----------------|--------------------|:-----------------:|-----------------------|-----------------------------|
+| - | - | - | - | - |
diff --git a/composer.json b/composer.json
index ed9bb42..2590ae4 100644
--- a/composer.json
+++ b/composer.json
@@ -1,37 +1,36 @@
{
- "name": "bmarshall511/wordpress_zero_spam",
- "description": "WordPress Zero Spam makes blocking spam & malicious visitors a cinch. Just install, activate and enjoy a spam-free site.",
- "keywords": ["wordpress-plugin"],
+ "name": "highfivery/zero-spam-for-wordpress",
+ "description": "No spam, no scams, just seamless experiences with Zero Spam for WordPress - the shield your site deserves.",
"type": "wordpress-plugin",
- "homepage": "https://www.zerospam.org/",
+ "keywords": ["wordpress", "plugin", "zerospam", "spam"],
+ "license": "GPL-2.0-only",
+ "minimum-stability": "dev",
+ "prefer-stable": true,
"authors": [
{
- "name": "Ben Marshall (bmarshall)",
- "homepage": "https://www.benmarshall.me",
- "role": "Maintainer"
+ "name": "Ben Marshall",
+ "email": "me@benmarshall.me",
+ "homepage": "https://www.benmarshall.me"
+ },
+ {
+ "name": "Highfivery",
+ "email": "info@highfivery.com",
+ "homepage": "https://highfivery.com"
}
],
- "support": {
- "issues": "https://github.com/bmarshall511/wordpress-zero-spam/issues"
- },
- "license": "GPL-2.0-or-later",
- "minimum-stability": "stable",
"repositories": [
{
- "type": "package",
- "package": {
- "name": "bmarshall511/wordpress-zero-spam",
- "version": "master",
- "source": {
- "url": "git://github.com/bmarshall511/wordpress-zero-spam.git",
- "type": "git",
- "reference": "master"
- }
- }
+ "type":"composer",
+ "url":"https://wpackagist.org"
}
],
"require": {
"php" : ">=7.2",
"ipinfo/ipinfo": "^2.3"
+ },
+ "extra": {
+ "installer-paths": {
+ "vendor/{$name}/": ["type:wordpress-plugin"]
+ }
}
}
diff --git a/core/class-access.php b/core/class-access.php
index a57cf22..4f36ea9 100644
--- a/core/class-access.php
+++ b/core/class-access.php
@@ -41,11 +41,12 @@ public function init() {
public static function process( $ignore_ajax = false ) {
$user_ip = \ZeroSpam\Core\User::get_ip();
- // Fix for .favicon requests.
- if ( strpos( $_SERVER['REQUEST_URI'], '.ico' ) !== false ) {
+ // Check for .ico requests.
+ $path = parse_url( $_SERVER['REQUEST_URI'], PHP_URL_PATH );
+ if ( substr( $path, -4 ) === '.ico' ) {
return false;
}
-
+
if ( $ignore_ajax && is_admin() || is_user_logged_in() || \ZeroSpam\Core\Utilities::is_whitelisted( $user_ip ) ) {
return false;
} elseif ( ! $ignore_ajax && ( is_admin() && ! wp_doing_ajax() ) || is_user_logged_in() ) {
diff --git a/core/class-user.php b/core/class-user.php
index 1b7855e..0425f4e 100644
--- a/core/class-user.php
+++ b/core/class-user.php
@@ -21,41 +21,40 @@ class User {
* Gets the current user's IP.
*/
public static function get_ip() {
- $settings = Settings::get_settings();
- $ip = false;
-
- // Check if a debugging IP is enabled.
- if ( ! empty( $_SERVER['HTTP_CF_CONNECTING_IP'] ) ) {
- // Check against Cloudflare's reported IP address.
- $ip = sanitize_text_field( wp_unslash( $_SERVER['HTTP_CF_CONNECTING_IP'] ) );
- } else {
- // Handle all other IPs.
- if ( ! empty( $_SERVER['HTTP_CLIENT_IP'] ) ) {
- $ip = sanitize_text_field( wp_unslash( $_SERVER['HTTP_CLIENT_IP'] ) );
- } elseif ( ! empty( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) {
- $ip = sanitize_text_field( wp_unslash( $_SERVER['HTTP_X_FORWARDED_FOR'] ) );
- } elseif ( ! empty( $_SERVER['HTTP_X_FORWARDED'] ) ) {
- $ip = sanitize_text_field( wp_unslash( $_SERVER['HTTP_X_FORWARDED'] ) );
- } elseif ( isset( $_SERVER['HTTP_X_CLUSTER_CLIENT_IP'] ) ) {
- $ip = sanitize_text_field( wp_unslash( $_SERVER['HTTP_XHTTP_X_CLUSTER_CLIENT_IP_FORWARDED'] ) );
- } elseif ( ! empty( $_SERVER['HTTP_FORWARDED_FOR'] ) ) {
- $ip = sanitize_text_field( wp_unslash( $_SERVER['HTTP_FORWARDED_FOR'] ) );
- } elseif ( ! empty( $_SERVER['HTTP_FORWARDED'] ) ) {
- $ip = sanitize_text_field( wp_unslash( $_SERVER['HTTP_FORWARDED'] ) );
- } elseif ( ! empty( $_SERVER['REMOTE_ADDR'] ) ) {
- $ip = sanitize_text_field( wp_unslash( $_SERVER['REMOTE_ADDR'] ) );
- }
- }
-
- if ( $ip ) {
- $ip = explode( ',', $ip );
- $ip = trim( $ip[0] );
-
- if ( ! rest_is_ip_address( $ip ) ) {
- $ip = false;
+ $ip_sources = [
+ 'HTTP_CF_CONNECTING_IP',
+ 'HTTP_CLIENT_IP',
+ 'HTTP_X_FORWARDED_FOR',
+ 'HTTP_X_FORWARDED',
+ 'HTTP_X_CLUSTER_CLIENT_IP',
+ 'HTTP_FORWARDED_FOR',
+ 'HTTP_FORWARDED',
+ 'REMOTE_ADDR'
+ ];
+
+ foreach ( $ip_sources as $source ) {
+ if ( ! empty( $_SERVER[ $source ] ) ) {
+ $ip = sanitize_text_field( wp_unslash( $_SERVER[ $source ] ) );
+
+ // Handle multiple IP addresses in X-Forwarded-For by taking the first valid IP.
+ if ( $source === 'HTTP_X_FORWARDED_FOR' && strpos( $ip, ',' ) !== false ) {
+ $ip_list = explode( ',', $ip );
+ foreach ( $ip_list as $potential_ip ) {
+ $potential_ip = trim( $potential_ip );
+ if ( rest_is_ip_address( $potential_ip ) ) {
+ return apply_filters( 'zerospam_get_ip', $potential_ip );
+ }
+ }
+ } else {
+ // Validate single IP address.
+ if ( rest_is_ip_address( $ip ) ) {
+ return apply_filters( 'zerospam_get_ip', $ip );
+ }
+ }
}
}
- return apply_filters( 'zerospam_get_ip', $ip );
+ // Return false if no valid IP address is found.
+ return false;
}
}
diff --git a/modules/ipbase/class-ipbase.php b/modules/ipbase/class-ipbase.php
index 04f3421..7809b29 100644
--- a/modules/ipbase/class-ipbase.php
+++ b/modules/ipbase/class-ipbase.php
@@ -148,7 +148,7 @@ public static function query_ip_address( $ip_address ) {
$queried_cache_key = \ZeroSpam\Core\Utilities::cache_key(
array(
'ipinfo',
- $ip,
+ $ip_address,
)
);
@@ -158,10 +158,10 @@ public static function query_ip_address( $ip_address ) {
$response_timeout = 5;
if ( ! empty( $settings['ipbase_api_timeout'] ) ) {
- $timeout = intval( $settings['ipbase_api_timeout']['value'] );
+ $response_timeout = intval( $settings['ipbase_api_timeout']['value'] );
}
- $response = \ZeroSpam\Core\Utilities::remote_get( $endpoint, array( 'timeout' => $timeout ) );
+ $response = \ZeroSpam\Core\Utilities::remote_get( $endpoint, array( 'timeout' => $response_timeout ) );
if ( $response ) {
$result = json_decode( $response, true );
diff --git a/readme.txt b/readme.txt
index 69978cd..1f1b8f4 100644
--- a/readme.txt
+++ b/readme.txt
@@ -9,62 +9,47 @@ Stable tag: 5.5.1
License: GNU GPLv3
License URI: https://choosealicense.com/licenses/gpl-3.0/
-Shield your site from spam, malicious users, and attacks with our advanced detection engine. Integrate seamlessly with other plugins for added protection.
+No spam, no scams, just seamless experiences with Zero Spam for WordPress - the shield your site deserves.
== Description ==
-🛡️ Safeguard your WordPress website effortlessly with Zero Spam for WordPress! Say goodbye to spam, malicious users, and a variety of sneaky attacks that can disrupt your online presence. Our plugin, powered by an advanced behavior detection engine, integrates seamlessly with [Zero Spam](https://www.zerospam.org), [Stop Forum Spam](https://www.stopforumspam.com/), and [Project Honeypot](https://www.projecthoneypot.org/) to provide you with a robust defense system.
+Protect your WordPress website seamlessly with Zero Spam for WordPress! Eliminate spam and malicious attacks that can harm your online presence. Our plugin integrates effortlessly with [Zero Spam](https://www.zerospam.org), [Stop Forum Spam](https://www.stopforumspam.com/), and [Project Honeypot](https://www.projecthoneypot.org/) to offer a strong defense system.
-🔍 Rest easy knowing that our plugin utilizes multiple detection methods to swiftly identify and halt potential threats. Whether it's pesky spam, devious trolls, or cunning hackers, Zero Spam for WordPress is here to protect your digital kingdom.
-
-💪 Take your website's security to the next level with our seamless integration with popular plugins like [WooCommerce](https://wordpress.org/plugins/woocommerce/), [GiveWP](https://givewp.com/ref/1118/), [Gravity Forms](https://www.gravityforms.com/), and many more. By joining forces, we ensure comprehensive protection for your valuable online assets.
-
-💫 Don't let spam and malicious users run amok on your WordPress website. Choose Zero Spam for WordPress and enjoy a safer, more enjoyable online experience. It's time to take control and keep your virtual doorstep spam-free and secure!
+Rest easy knowing that we utilize multiple detection methods to swiftly identify and halt potential threats. Whether it's pesky spam, devious trolls, or cunning hackers, Zero Spam is here to protect your website.
= Worry-free, Powerful Protection at Your Fingertips =
-* Say goodbye to captchas and moderation queues—spam is no longer a user or administrator's problem.
-* Our intelligent behavior detection engine dynamically blocks threats, keeping your site safe.
-* Benefit from seamless integration with global IP reputation providers for enhanced security.
-* Take control with the ability to block IPs temporarily or permanently, ensuring unwanted visitors stay out.
-* Geolocation integration allows you to track the origins of threats, providing valuable insights.
-* Safeguard your site by blocking entire countries, regions, zip/postal codes, and cities.
-* Utilize the optional disallowed list using [splorp's Comment Blacklist](https://github.com/splorp/wordpress-comment-blacklist) to further enhance your protection.
-* Block known disposable and malicious email domains effortlessly using [disposable](https://github.com/disposable).
-* Our plugin employs multiple detection techniques, including the renowned solution by [David Walsh](https://davidwalsh.name/wordpress-comment-spam).
-
-= But wait, there's more! Enhanced Protection for Various Forms =
-
-* Protect your valuable comments, user registrations, and login forms from unwanted intrusions.
-* Safeguard your [GiveWP](https://givewp.com/ref/1118/) forms, preventing attempts to test stolen credit cards.
-* Enjoy seamless integration with popular form plugins such as [Gravity Forms](https://www.gravityforms.com/), [Contact Form 7](https://wordpress.org/plugins/contact-form-7/), [WPForms](https://wordpress.org/plugins/wpforms-lite/), [Formidable Form Builder](https://wordpress.org/plugins/formidable/), [Fluent Forms](https://wordpress.org/plugins/fluentform/), and [wpDiscuz](https://wordpress.org/plugins/wpdiscuz/).
-* Ensure secure registrations for your [WooCommerce](https://wordpress.org/plugins/woocommerce/) store.
-* Protect your [Mailchimp for WordPress](https://wordpress.org/plugins/mailchimp-for-wp/) sign-ups from potential abuse.
-* Keep your [ProfilePress](https://wordpress.org/plugins/wp-user-avatar/) registrations safe and secure.
-* Plus, our plugin seamlessly integrates into any existing theme or plugin, providing ultimate flexibility.
+* No captchas or moderation queues — no longer a admin’s problem.
+* Our system dynamically blocks threats, keeping your site safe.
+* Integration with global IP reputation providers for enhanced security.
+* Block IPs temporarily or permanently, keep unwanted visitors out.
+* Geolocation tracks origins of threats, providing valuable insights.
+* Ability to block countries, regions, zip/postal codes & cities.
+* Utilize [splorp's Comment Blacklist](https://github.com/splorp/wordpress-comment-blacklist) to strengthen your disallowed list.
+* Block disposable & malicious email effortlessly with [disposable](https://github.com/disposable).
+* Multiple techniques, including the renowned solution by [David Walsh](https://davidwalsh.name/wordpress-comment-spam).
-Experience the peace of mind that comes with Zero Spam for WordPress—your reliable shield against spam and malicious threats.
+= Seamlessly integrates with popular plugins including: =
-= Expert Support at Your Service =
+* [WooCommerce](https://wordpress.org/plugins/woocommerce/) — Secure customer registrations.
+* [GiveWP](https://givewp.com/ref/1118/) — Prevents attempts to test stolen credit cards.
+* [ProfilePress](https://wordpress.org/plugins/wp-user-avatar/) — Keeps registrations safe & secure.
+* [Mailchimp for WordPress](https://wordpress.org/plugins/mailchimp-for-wp/) — Protects sign-ups from abuse.
+* [Gravity Forms](https://www.gravityforms.com/), [Contact Form 7](https://wordpress.org/plugins/contact-form-7/), [WPForms](https://wordpress.org/plugins/wpforms-lite/), [Formidable Form Builder](https://wordpress.org/plugins/formidable/), [Fluent Forms](https://wordpress.org/plugins/fluentform/), [wpDiscuz](https://wordpress.org/plugins/wpdiscuz/) — Versatile form protection.
-* Our dedicated team of highly-experienced developers is here to provide you with unparalleled support.
-* Have questions or need assistance? Join the vibrant support forum and tap into a wealth of knowledge.
-* Share your feedback, report bugs, or suggest new features on [Github](https://github.com/Highfivery/zero-spam-for-wordpress/issues) to help us continuously improve.
-* For direct inquiries or personalized assistance, feel free to [contact us directly](https://www.zerospam.org/contact).
-
-With Zero Spam for WordPress, you not only get exceptional protection but also a reliable support system that ensures your peace of mind.
+With Zero Spam for WordPress, you not only get exceptional protection but also a reliable support that ensures your peace of mind.
= Enhance Detection with Optional 3rd-Party Integrations =
-Zero Spam for WordPress offers the flexibility to integrate with additional services, bolstering its ability to detect spam and malicious users. While these integrations are entirely optional and not mandatory for Zero Spam to function, they can provide valuable insights. Prior to opting into any of these services, we recommend reviewing their respective terms of use and privacy policies.
+Zero Spam for WordPress can integrate optional services for enhanced spam detection. Before using these, we recommend reviewing their terms and privacy policies.
-* **[Zero Spam](https://www.zerospam.org/)** - Utilize their advanced spam score analysis by sharing visitor IP and, when available, email. Take a look at their [Privacy Policy](https://www.zerospam.org/privacy/) and [Terms of Use](https://www.zerospam.org/terms/) for more details.
-* **[ipbase.com](https://ipbase.com/)** - Access detailed geolocation information by sharing visitor IP. Familiarize yourself with their [Privacy Policy](https://ipbase.com/privacy-policy/) and [Terms of Use](https://www.iubenda.com/terms-and-conditions/41661719).
-* **[ipinfo.io](https://ipinfo.io/)** - Gather comprehensive geolocation details by sharing visitor IP. Refer to their [Privacy Policy](https://ipinfo.io/privacy-policy) and [Terms of Use](https://ipinfo.io/terms-of-service) for further information.
-* **[ipstack](https://ipstack.com/)** - Obtain extensive geolocation insights by sharing visitor IP. Review their [Privacy Policy](https://www.ideracorp.com/Legal/APILayer/PrivacyStatement) and [Terms of Use](https://ipstack.com/terms) to learn more.
-* **[Stop Forum Spam](https://www.stopforumspam.com/)** - Verify if visitors' IPs have been reported for spam-related activities. Explore their [Privacy Policy](https://www.stopforumspam.com/privacy) and [Terms of Use](https://www.stopforumspam.com/legal) for additional details.
-* **[Project Honeypot](https://www.projecthoneypot.org/)** - Check if visitors' IPs have been flagged for suspicious behavior. Refer to their [Privacy Policy](https://www.projecthoneypot.org/privacy_policy.php) and [Terms of Use](https://www.projecthoneypot.org/terms_of_use.php) for more information.
-* **[Google Maps](https://developers.google.com/maps)** - Enable plotting of attack locations on Google Maps. Please review their [Privacy Policy](https://www.ideracorp.com/Legal/APILayer/PrivacyStatement) and [Terms of Use](https://developers.google.com/terms/site-terms) for complete details.
+* **[Zero Spam](https://www.zerospam.org/)** - Utilize our real-time IP reputation analysis. Take a look at our [Privacy Policy](https://www.zerospam.org/privacy/) and [Terms of Use](https://www.zerospam.org/terms/) for more details.
+* **[ipbase.com](https://ipbase.com/)** - Access detailed geolocation information of attackers. Familiarize yourself with their [Privacy Policy](https://ipbase.com/privacy-policy/) & [Terms of Use](https://www.iubenda.com/terms-and-conditions/41661719).
+* **[ipinfo.io](https://ipinfo.io/)** - Gather geolocation details of malicious users. Refer to their [Privacy Policy](https://ipinfo.io/privacy-policy) & [Terms of Use](https://ipinfo.io/terms-of-service) for further information.
+* **[ipstack](https://ipstack.com/)** - Obtain extensive geolocation insights. Review their [Privacy Policy](https://www.ideracorp.com/Legal/APILayer/PrivacyStatement) & [Terms of Use](https://ipstack.com/terms) to learn more.
+* **[Stop Forum Spam](https://www.stopforumspam.com/)** - Verify if visitors' IPs have been reported. Explore their [Privacy Policy](https://www.stopforumspam.com/privacy) and [Terms of Use](https://www.stopforumspam.com/legal) for additional details.
+* **[Project Honeypot](https://www.projecthoneypot.org/)** - Check if visitors' IPs have been flagged. Refer to their [Privacy Policy](https://www.projecthoneypot.org/privacy_policy.php) and [Terms of Use](https://www.projecthoneypot.org/terms_of_use.php) for more information.
+* **[Google Maps](https://developers.google.com/maps)** - Plot attack locations on Google Maps. Please review their [Privacy Policy](https://www.ideracorp.com/Legal/APILayer/PrivacyStatement) & [Terms of Use](https://developers.google.com/terms/site-terms) for complete details.
Additionally, you have the option to contribute to Zero Spam's improvement by enabling the sharing of detection information. For further information on the shared data, kindly refer to our [FAQ](https://github.com/Highfivery/zero-spam-for-wordpress/wiki/FAQ).
@@ -118,6 +103,10 @@ If hosting with Pantheon, see their [known issues page](https://pantheon.io/docs
== Changelog ==
+= v5.5.2 =
+
+* fix(vulnerability): fix for bypass using .ico in url or adjusting the x-forwarded-for header
+
= v5.5.1 =
* fix(david walsh): fix for jquery not defined error, related to the zerospamdavidwalsh method, resolves #359